What is cross-site request forgery?

Cross-site request forgery, or CSRF, tricks a logged-in user’s browser into sending an unwanted request to a website where they are already authenticated.

Simple example

A user is logged into an admin portal and visits a malicious page that silently tries to submit a setting change.

Why it matters

CSRF can cause unwanted actions, especially in older or poorly protected web applications.

Common warning signs

  • The activity is unexpected or unusual for the business context.
  • The request or system behaviour creates pressure to act quickly.
  • Normal approval, verification, or security processes are bypassed.
  • There are signs of unauthorised access, data exposure, or system change.
  • Staff are unsure whether the request, message, or system behaviour is legitimate.

Cyber Doc view

This term should be understood in business context, not only as a technical issue. Good protection usually combines clear processes, appropriate technical controls, staff awareness, and a calm response plan.

What to do

Proactive steps

  • Use anti-CSRF tokens for sensitive actions.
  • Use SameSite cookie protections.
  • Require re-authentication for high-risk changes.
  • Avoid using GET requests for state-changing actions.
  • Test authenticated workflows.
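The following is an added example, not code from the original page, showing how the first four proactive steps combine in server-side request handling: a per-session anti-CSRF token, a SameSite session cookie, and a refusal to let GET requests change state. The function names, the `SERVER_SECRET`, and the session id values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Constructed example: a server-side key that never leaves the server.
SERVER_SECRET = secrets.token_bytes(32)


def issue_csrf_token(session_id: str) -> str:
    """Derive the anti-CSRF token from the session id, so a token copied
    from one session is worthless for any other session."""
    return hmac.new(SERVER_SECRET, session_id.encode(), hashlib.sha256).hexdigest()


def token_is_valid(session_id: str, presented: Optional[str]) -> bool:
    """Compare the submitted token with the expected one in constant time."""
    if not presented:
        return False
    expected = issue_csrf_token(session_id)
    return hmac.compare_digest(expected, presented)


def authorize_state_change(method: str, session_id: str, form: Dict[str, str]) -> Tuple[bool, str]:
    """Gate a state-changing action (e.g. a settings update).

    A cross-site page can make the browser send the session cookie, but it
    cannot read the token that the legitimate page embedded in its form,
    so a forged request is missing or carries the wrong token."""
    if method.upper() != "POST":
        return False, "state-changing actions must not be reachable via GET"
    if not token_is_valid(session_id, form.get("csrf_token")):
        return False, "missing or invalid anti-CSRF token"
    return True, "ok"


def session_cookie_header(session_id: str) -> str:
    """Set-Cookie value for the session; SameSite stops the browser from
    attaching the cookie to requests that originate from another site."""
    return f"session={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"


if __name__ == "__main__":
    sid = "sess-123"  # constructed session id
    legit = {"csrf_token": issue_csrf_token(sid), "theme": "dark"}
    forged = {"theme": "dark"}  # what a cross-site form can actually send
    print(authorize_state_change("POST", sid, legit))   # legitimate update
    print(authorize_state_change("POST", sid, forged))  # forged request rejected
    print(session_cookie_header(sid))
```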

Reactive steps

  • Review logs for suspicious account or setting changes.
  • Invalidate active sessions if needed.
  • Patch missing CSRF protections.
  • Reverse unauthorised changes where possible.
  • Notify affected users if account actions were triggered.

Related terms

  • Authentication
  • Session hijacking
  • Web application security